Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unique user shared keys

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Heli0s
      last edited by

      I know that pfSense allows you to create a VPN user to connect to the OpenVPN using the username and password as a Road Warrior connection. Instead of using a username and password, is it possible to have a unique key for each user and just give the user one ovpn file that contains everything (including the user's shared key)?

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        It doesn't look like you can do shared-key only but it does look like you can do certificates with no user auth.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • H
          Heli0s
          last edited by

          How do I generate a unique ovpn file and give it to a user so that they don't have to enter a username/password when they connect? All the ovpn files that I've exported are server specific instead of user specific (meaning that all users have the same file) and when the user connects, they still need to enter a username and password.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            I use the OpenVPN client export package.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • H
              Heli0s
              last edited by

              Hmmm… When you export the ovpn file, which file do you choose? For testing, I used the Android OpenVPN file and it still asked me for a username/password. My OpenVPN Server is also set to SSL + user auth. Is that correct?

              For the most part, I used this tutorial: http://www.youtube.com/watch?v=VdAHVSTl1ys

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                If your VPN is set to user auth, that's what it's going to use.

                I've never done this but on 2.1.5 I'd use Remote Access ( SSL/TLS ).

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.